On Don, 2008-01-03 at 22:54 +0100, Moritz Muehlenhoff wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - ------------------------------------------------------------------------
> Debian Security Advisory DSA-1447-1
security@...
>
http://www.debian.org/security/ Moritz Muehlenhoff
> January 03, 2008
http://www.debian.org/security/faq> - ------------------------------------------------------------------------
>
> Package : tomcat5.5
> Vulnerability : several
> Problem type : remote
> Debian-specific: no
> CVE Id(s) : CVE-2007-3382 CVE-2007-3385 CVE-2007-3386 CVE-2007-5342 CVE-2007-5461
>
installing the update breaks webapps
with the following error
org.apache.commons.logging.LogConfigurationException: java.security.AccessControlException: access denied (java.io.FilePermission /home/nihil/www/java/WEB-INF/classes/logging.properties read) (Caused by java.security.AccessControlException: access denied (java.io.FilePermission /home/nihil/www/java/WEB-INF/classes/logging.properties read))
(it worked before the update and permission are set correctly, i double checked)
this is also the case for tomcat5.5-webapps packages which doesnt work anymore.
best regards, michael
--
To UNSUBSCRIBE, email to
debian-security-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact
listmaster@...
